package com.qf.compusdemo.conf;

import com.qf.compusdemo.handler.MyAuthenticationFailureHandler;
import com.qf.compusdemo.handler.MyAuthenticationSuccessHandler;
import com.qf.compusdemo.handler.MyLogoutSuccessHandler;
import com.qf.compusdemo.service.UserDetail;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl;
import org.springframework.security.web.authentication.rememberme.PersistentTokenRepository;

import javax.sql.DataSource;

@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private MyAuthenticationSuccessHandler myAuthenticationSuccessHandler;

    @Autowired
    private MyAuthenticationFailureHandler myAuthenticationFailureHandler;

    @Autowired
    private MyLogoutSuccessHandler myLogoutSuccessHandler;

    @Autowired
    private UserDetail userDetail;

    @Autowired
    private DataSource dataSource;

    @SuppressWarnings("SpringJavaInjectionPointsAutowiringInspection")
    @Autowired
    private PersistentTokenRepository persistentTokenRepository;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
            http.formLogin()
                    .loginPage("/index.jsp")
                    .usernameParameter("username")
                    .passwordParameter("password")
                    .loginProcessingUrl("/login")
                    .successHandler(myAuthenticationSuccessHandler)
                    .failureHandler(myAuthenticationFailureHandler);

        http.authorizeRequests()//对所有请求开启认证
                .antMatchers("/main/**","/view/main.jsp","/view/st/**","/boss/update","boss/del","/boss/upload","/boss/delwx","/boss/allwx","/regist/**").hasAuthority("admin")
                .antMatchers("/","/login.html","/index.jsp","/login","/code/kaptcha","/view/maxboss/gg.jsp","/boss/allgg").permitAll()
                .antMatchers("/view/mainnormal.jsp","/view/normal/**","/normal/**").hasAuthority("normal")
                .anyRequest().authenticated();


        http.csrf().disable(); //关闭csrf防护

        //注销的配置
        http.logout().logoutUrl("/logout") //注销时访问的路径
                .logoutSuccessHandler(myLogoutSuccessHandler);

        //免登录配置
        http.rememberMe().userDetailsService(userDetail)
//                .tokenValiditySeconds(60)
//                .rememberMeParameter("remember-me")
                .tokenRepository(persistentTokenRepository);





    }

    @Bean
    public PersistentTokenRepository getPersistentTokenRepository(){
        JdbcTokenRepositoryImpl jdbcTokenRepository = new JdbcTokenRepositoryImpl();
        jdbcTokenRepository.setDataSource(dataSource);
//        jdbcTokenRepository.setCreateTableOnStartup(true);
        return jdbcTokenRepository;
    }

    @Bean
    PasswordEncoder passwordEncoder(){
        return new BCryptPasswordEncoder();
    }

}
